Priya Dogra – Certification | Jobs | Internships
Related Articles
Lesson 10: SOAR Quiz Answers
Question 1: What is a common use case for an implementation of SOAR by customers?
- Guarding against DoS attacks
- Detecting zero-day attacks
- Phishing investigations
- Logging events and alerts
Question 2: Which statement best describes SOAR?
- SOAR collects logs from all security tools to improve network visibility
- SOAR orients the security team by defining and categorizing cyberattacks
- SOAR plays out potential cyberattacks to improve network security preparedness
- SOAR connects all security tools together into defined workflows that can be run automatically
Question 3: Which is a benefit of SOAR?
- It deflects DDoS attacks and identifies the Command and Control source
- It reports on which endpoints require patching and have security vulnerabilities
- It increases security team efficacy by automating repetitive processes
- It analyzes and generates a security score to measure improvements in network security
Question 4: What are playbooks used for?
- To plan a set of manual tasks to be completed by analysts
- To automate the actions that an analyst would typically do manually
- To describe the order in which analysts complete tasks
- To provide a set of scenarios of predicted cyberattack methods
Question 5: What is alert fatigue?
- The SOAR system is overloaded by the amount of network traffic
- Analysts are overwhelmed by the number of alerts
- Measures the time lag to resolve alerts
- Analysts reduce the number of alerts using SOAR
Question 6: What are three reasons SOAR is used? (Choose three.)
- Compensate for the skill shortage
- Collaborate with other analysts
- Analyze workload
- Accelerate response times
- Reduce alert fatigue
